Subversion Repositories ALCASAR

Rev

Rev 2333 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log

Rev 2333 Rev 2334
Line 1... Line 1...
1
# $Id: CHANGELOG 2333 2017-07-11 16:25:45Z tom.houdayer $
1
# $Id: CHANGELOG 2334 2017-07-11 16:47:34Z tom.houdayer $
2
 
2
 
3
********** ALCASAR CHANGELOG **********
3
********** ALCASAR CHANGELOG **********
4
 
4
 
5
-------------------- 3.1.3 --------------------
5
-------------------- 3.1.3 --------------------
6
NEWS
6
NEWS
Line 17... Line 17...
17
	- New ACC menu (with JS instead of PHP reload).
17
	- New ACC menu (with JS instead of PHP reload).
18
	- Add option to allow unsecure login for user interception.
18
	- Add option to allow unsecure login for user interception.
19
 
19
 
20
BUGS
20
BUGS
21
	- Display info field for DHCP static equipment
21
	- Display info field for DHCP static equipment
22
	- Fix bug which the encrypted password is printed in a random column in the ACC user editor.
22
	- Fix bug where the encrypted password is printed in a random column in the ACC user editor.
23
 
23
 
24
SECU
24
SECU
25
	- Rename Fail2Ban rule "alcasar_acc-htdigest" to "alcasar_acc" (iptables does not support long name).
25
	- Rename Fail2Ban rule "alcasar_acc-htdigest" to "alcasar_acc" (iptables does not support long name).
26
	- Remove '/usr/bin/openssl' sudo privilege for 'apache' user.
26
	- Remove '/usr/bin/openssl' sudo privilege for 'apache' user.
27
	- Escape exec() parameters in ACC to prevent RCE attacks.
27
	- Escape exec() parameters in ACC to prevent RCE attacks.